Difference between revisions of "Self Encryption Drive"
From NixOS Wiki
(Add information of using OPAL with NixOS) |
(Add warning about the new wiki) |
||
Line 1: | Line 1: | ||
+ | {{warning|1=You are reading an article on the deprecated unofficial wiki. For the up to date version of this article, see https://wiki.nixos.org/wiki/Self_Encryption_Drive.}} | ||
+ | |||
To encrypt your drive using the OPAL standard that many modern storage devices implement you have to follow the instructions on this page: https://github.com/Drive-Trust-Alliance/sedutil/wiki/Encrypting-your-drive | To encrypt your drive using the OPAL standard that many modern storage devices implement you have to follow the instructions on this page: https://github.com/Drive-Trust-Alliance/sedutil/wiki/Encrypting-your-drive | ||
Revision as of 06:55, 5 April 2024
To encrypt your drive using the OPAL standard that many modern storage devices implement you have to follow the instructions on this page: https://github.com/Drive-Trust-Alliance/sedutil/wiki/Encrypting-your-drive
The relevant configuration bits for NixOS are here: https://gist.github.com/callahad/a42d1e7edeaffa68517405e35a173b56
Kernels since 19.03 do have the necessary option CONFIG_BLK_SED_OPAL to let this work on suspend/resume. See https://github.com/NixOS/nixpkgs/pull/56147
Please be aware that the use of this encryption raises some security concerns and maybe vulnerable to a number of security attacks, see: